New tools claim to use over +130 APIs, increasing the volume of SMS messages sent before being blocked by service providers.
M-logique / iran-bomber. Star 155. An extremely fast, cross-platform SMS Bomber written in Go. sms-bomber sms-bombing iranian-sms-
Several repositories are frequently updated to maintain functionality against changing Iranian SMS gateway APIs: iran-bomber (M-logique)
Many developers upload SMS bomber scripts written in languages like Python, Bash, or JavaScript to GitHub. These repositories often include lists of vulnerable APIs (known as "endpoints") used to trigger the SMS messages. sms bomber github iran upd
: Frequently cited as one of the fastest options, this tool features over
For every Iranian citizen whose phone buzzes 3,000 times in an hour, the problem is not technological—it is a failure of API security, carrier oversight, and geopolitical restraint. Until global API providers implement stricter rate limiting and CAPTCHA requirements, and until GitHub automates the removal of abusive tools, the SMS bomber will remain the digital equivalent of a swarm of locusts: impossible to ignore, difficult to stop, and constantly updated.
If you have any specific questions or topics you'd like to discuss further, I'm here to help. New tools claim to use over +130 APIs,
An SMS bomber works by programmatically triggering the "send verification code" or "forgot password" features of multiple websites simultaneously. In Iran, these tools are frequently written in or Go and are designed for use on Linux or Termux (an Android terminal emulator). Commonly targeted Iranian platforms include:
Several active and recently updated SMS bomber projects targeting Iranian services are available on GitHub, primarily written in and Python . Top Active Projects (Updated late 2025/early 2026)
: Modern mobile operating systems utilize cloud-based spam filters that recognize rapid bursts of OTP requests and automatically silence them into a separate folder. Next Steps in Cybersecurity Analysis An extremely fast, cross-platform SMS Bomber written in Go
SMS Bombers typically operate by exploiting the SMS messaging system. They can use a variety of methods to send messages, including:
Integrating CAPTCHA challenges (such as reCAPTCHA or domestic alternatives) on registration and login forms prevents automated scripts from executing requests. Bombers generally rely on headless, automated scripts that cannot easily solve complex visual or behavioral puzzles. 3. IP Blacklisting and Behavior Analysis
It sends rapid, automated HTTP requests to these endpoints, inputs the target's phone number, and triggers a verification text.
While often used for "pranks," these tools present significant risks and ethical concerns: